Installation-Supplied Authorization Exit Routine

You can write an exit routine to bypass authorization checking for both non-VSAM and VSAM data sets. The name of the routine must be ADRUPSWD. This routine is not given control for a COPYDUMP or CONVERTV operation.

The routine gets control at two levels: the volume level and the data set level (except for DEFRAG or CONSOLIDATE, which is given control at the volume level only). Control is always given at the volume level first, unless the data set is being renamed during a RESTORE operation. During RESTORE with a renamed data set, a data set level check is done against the source data on the dump tape first, and then a volume level check is done against the target volume. This is then followed by a data set level check against the target data set. A description of the two levels follows.

At the volume level, for DUMP, COPY, PRINT, and RESTORE, you can determine if the user is allowed to proceed with the function. During DEFRAG or CONSOLIDATE, you can determine if protected data sets can be relocated. This exit is not called for each data set when performing full volume operations.

Your installation authorization exit routine can do one of the following:

End the operation.
Request processing without authorization checking at the data set level.
Request that the installation authorization exit be entered at the data set level.

At the data set level, the routine is given control during DUMP, COPY, PRINT, RESTORE, COMPRESS, and RELEASE only if the authorization exit routine instructs DFSMSdss to check authorization at the data set level. However, the routine is not given control at this level during DEFRAG or CONSOLIDATE. At the data set level, you can:

End processing of the volume.
End processing of the current data set.
Bypass authorization checking of the current data set.
Have DFSMSdss check authorization for the current data set.
For the previous three options, you can specify whether or not the exit routine is entered for subsequent data sets.